package com.caigou.controller;

import com.caigou.bean.cms.entity.Privilege;
import com.caigou.bean.cms.param.*;
import com.caigou.bean.exam.entity.Users;
import com.caigou.bean.param.FunctionStaffPrivilegeParam;
import com.caigou.bean.param.PrivilegeParam;
import com.caigou.bean.vo.PrivilegeVO;
import com.caigou.bean.vo.RoleUserVO;
import com.caigou.bean.vo.StaffPrivilegesVO;
import com.caigou.enums.ResponseEnum;
import com.caigou.security.utils.CurrentUser;
import com.caigou.service.IUsersService;
import com.caigou.util.Result;
import com.caigou.util.ResultUtil;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import lombok.extern.slf4j.Slf4j;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.*;
import springfox.documentation.annotations.ApiIgnore;

import javax.annotation.Resource;
import java.util.List;

@Slf4j
@Api(tags = "后台权限控制")
@RestController
@RequestMapping("/authority")
public class UserAuthorityController {


    @Resource
    private IUsersService usersService;


    /**
     *条件查询角色列表并包含角色下用户
     * @param
     * @param user
     * @return
     */
    @ApiOperation(value = "条件查询角色列表并包含角色下用户", notes = "后台根据条件分页查询用户")
    @GetMapping("/roles/user")
    @PreAuthorize("hasAnyAuthority('yuangong3guanli','yuangongchaxun')")
    public Result<List<RoleUserVO>> findRolesUser( @ApiIgnore @CurrentUser Users user) {
        return usersService.findRolesUser();
    }

    /**
     * 添加角色
     * @param param
     * @param user
     * @return
     */
    @PostMapping("/add/role")
    @PreAuthorize("hasAnyAuthority('yuangongguanli')")
    public Result<Integer> addRole(@RequestBody RoleParam param, @ApiIgnore @CurrentUser Users user) {
        return usersService.addRoleByParam(param);
    }



    /**
     * 调整员工角色
     * @param param
     * @param user
     * @return
     */
    @PostMapping("/assign/roles")
    @ApiOperation(value = "对用户分配添加角色", notes = "对用户添加角色,只有拥有超级管理员权限可访问")
    @PreAuthorize("hasAnyAuthority('yuangongguanli')")
    public Result<Integer> assignRoles(@RequestBody AssignRoleParam param, @ApiIgnore @CurrentUser Users user) {
        return usersService.assignRoles(param);
    }

    /**
     * 调整角色权限
     * @param param
     * @param user
     * @return
     */
    @PostMapping("/assign/role/privilege")
    @ApiOperation(value = "对用户分配添加角色", notes = "对用户添加角色,只有拥有超级管理员权限可访问")
    @PreAuthorize("hasAnyAuthority('yuangongguanli')")
    public Result<Integer> assignRolePrivilege(@RequestBody AssignRolePrivilegeParam param, @ApiIgnore @CurrentUser Users user) {
        return usersService.assignRolePrivilege(param);
    }

    /**
     * 删除角色 (当前角色下有用户无法删除)
     * @param param
     * @param user
     * @return
     */
    @PostMapping("/role/delete")
    @ApiOperation(value = "对用户分配添加角色", notes = "对用户添加角色,只有拥有超级管理员权限可访问")
    @PreAuthorize("hasAnyAuthority('yuangongguanli')")
    public Result<Integer> deleteRole(@RequestBody RoleParam param, @ApiIgnore @CurrentUser Users user) {
        return usersService.deleteRoleByRoleCode(param);
    }



    /**
     * 查询角色列表
     *
     * @param user
     * @return
     */
    @ApiOperation(value = "查询角色列表", notes = "查询系统中的角色,需要携带用户token")
    @GetMapping("/roles")
    @PreAuthorize("hasAnyAuthority('yuangongchaxun')")
    public Result findRolesByParam(@ApiIgnore @CurrentUser Users user) {
        return usersService.findRolesByParam();
    }

    /**
     * 根据角色code查询权限
     *
     * @param param
     * @param user
     * @return
     */
    @PostMapping("/role/privileges")
    @PreAuthorize("hasAnyAuthority('yuangongchaxun')")
    public Result<List<PrivilegeVO>> findRolePrivilegesByRoleId(@RequestBody RoleParam param, @ApiIgnore @CurrentUser Users user) {
        return usersService.findRolePrivilegesByRoleId(param);
    }


    /**
     * 查询权限总列表
     *
     * @param user
     * @return
     */
    @GetMapping("/privileges")
    @ApiOperation(value = "查询权限列表", notes = "查询权限列表,只有拥有超级管理员权限可访问")
    @PreAuthorize("hasAnyAuthority('yuangongchaxun')")
    public Result<List<Privilege>> findAllPrivileges(@ApiIgnore @CurrentUser Users user) {
        return Result.success(usersService.findAllPrivileges());
    }

    /**
     * 查询权限层级列表
     *
     * @param user
     * @return
     */
    @GetMapping("/level/privileges")
    @ApiOperation(value = "查询权限列表", notes = "查询权限列表,只有拥有超级管理员权限可访问")
    @PreAuthorize("hasAnyAuthority('yuangongchaxun')")
    public Result<List<Privilege>> findAllLevelPrivileges(@ApiIgnore @CurrentUser Users user) {
        return Result.success(usersService.findAllLevelPrivileges());
    }

    /**
     * 添加权限-超级管理员可操作
     *
     * @param user
     * @return
     */
    @PostMapping("/privileges/add")
    @ApiOperation(value = "查询权限列表", notes = "查询权限列表,只有拥有超级管理员权限可访问")
    @PreAuthorize("hasAnyAuthority('yuangongguanli')")
    public Result addPrivileges(@RequestBody PrivilegeParam param, @ApiIgnore @CurrentUser Users user) {
        return Result.success(usersService.addPrivileges(param));
    }

    /**
     * 编辑权限-超级管理员可操作
     *
     * @param user
     * @return
     */
    @PostMapping("/privileges/edit")
    @ApiOperation(value = "查询权限列表", notes = "查询权限列表,只有拥有超级管理员权限可访问")
    @PreAuthorize("hasAnyAuthority('yuangongguanli')")
    public Result editPrivileges(@RequestBody PrivilegeParam param, @ApiIgnore @CurrentUser Users user) {
        Integer integer = usersService.editPrivileges(param);
        if (integer == 0) {
            return Result.error(ResponseEnum.PARAM_ERROR, "编辑失败(该权限被已删除)");
        }
        return Result.success(integer);
    }

    /**
     * 添加权限-超级管理员可操作
     *
     * @param user
     * @return
     */
    @PostMapping("/privileges/delete")
    @ApiOperation(value = "查询权限列表", notes = "查询权限列表,只有拥有超级管理员权限可访问")
    @PreAuthorize("hasAnyAuthority('yuangongguanli')")
    public Result deletePrivileges(@RequestBody Integer id, @ApiIgnore @CurrentUser Users user) {
        return Result.success(usersService.deletePrivileges(id));
    }

    /**
     * 查询用户功能操作权限列表 分三层
     *
     * @param
     * @param user
     * @return
     */
    @PostMapping("/staff/privileges")
    @PreAuthorize("hasAnyAuthority('yuangongchaxun')")
    public Result<StaffPrivilegesVO> findStaffPrivilegesByUserId(@RequestBody FunctionStaffPrivilegeParam param , @CurrentUser Users user) {
        return usersService.findStaffPrivilegesByParam(param);
    }

    /**
     * 保存用户功能操作权限
     *
     * @param
     * @param user
     * @return
     */
    @PostMapping("/staff/privileges/save")
    @PreAuthorize("hasAnyAuthority('yuangongguanli')")
    public Result<Integer> saveStaffPrivilegesByUserId(@RequestBody FunctionStaffPrivilegeParam param , @CurrentUser Users user) {
        return usersService.saveStaffPrivilegesByUserId(param);
    }


}
